Thanks, I had seen the bug you are referring to, but didn't think that this was my problem since I don't see that exception anywhere. Is there anywhere that I may look to find that exception just to ensure that this is truely my problem?
Pat -----Original Message----- From: Jay Garala [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 1:44 PM To: 'Tomcat Users List' Subject: RE: HELP! Client Authentication in Tomcat 4.1.24 This is the part you were missing. Unfortunately, the handling of Client certs in the Jk-Coyote connector is broken in 4.1.24 (see http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790). Wait for 4.1.26 or grab alpha from CVS -----Original Message----- From: Farrell, Patrick [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 1:02 PM To: '[EMAIL PROTECTED]' Subject: HELP! Client Authentication in Tomcat 4.1.24 I am attempting to use client certificate authentication with Tomcat 4.1.24, but each time I connect via a browser (Internet Explorer) Tomcat indicates that it is unable to authenticate with the provided credentials. My client certificate is a personal certificate from Thawte. The corresponding root certificate already exists in my truststore. Shown below is my tomcat-users.xml file. <?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="user" description="Authenticated User"/> <role rolename="manager" description="Tomcat Manager"/> <role rolename="admin" description="Tomcat Administrator"/> <user username="administrator" password="password" roles="admin,manager"/> <user username="[EMAIL PROTECTED], CN=Thawte Freemail Member" password="null" roles="user"/> </tomcat-users> Must I do anything with the client certificate in order for the server to trust it, or does the server simply grab the DN from the certificate and look in the realm for a user with the corresponding DN? Does anyone have any information or links on how to configure tomcat users with client authentication? Pat *********************************************************************** This message is intended only for the use of the intended recipient and may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error, please destroy all copies of this message and its attachments and notify us immediately. *********************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *********************************************************************** This message is intended only for the use of the intended recipient and may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error, please destroy all copies of this message and its attachments and notify us immediately. *********************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
